NTLM | writeups.xyz

Title	Vulnerabilities	Programs	Authors
NTLM Credential Theft in Python Windows Applications	SSRF NTLMv2 Hash Disclosure NTLM Security Code Review	Python Hugging Face (Gradio) Werkzeug Jupyter Snowflake (Streamlit)	Naveen Sunkavally
Drop the Mic (CVE-2019-1166)	NTLM MiTM Internal Pentest	Microsoft (Windows)	AJ Hammond (@4JMAN)
Hello: I’m your Domain Admin and I want to authenticate against you	RCE Privilege Escalation Authentication Coercion Active Directory NTLM Internal Pentest	Microsoft	Ap (@Decoder_it)
Mintty NTLM Leak - CVE-2023-50627	NTLM ANSI Escape Sequences	MinTTY	Solid-Snail
Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes (CVE-2023-35636)	NTLM Information Disclosure	Microsoft (Outlook)	Dolev Taler
CVE-2023-50916: Authentication Coercion Vulnerability in Kyocera Device Manager	Authentication Coercion NTLM	Kyocera	Jordan Hedges
Behind the Query: Unearthing NTLM Hashes with SQL Injection	SQL Injection NTLM	Undisclosed	Shubham Chaskar (@Chaskar_shubham)
GPOddity: Exploiting Active Directory GPOs Through NTLM Relaying, And More!	Active Directory Privilege Escalation NTLM Internal Pentest	Undisclosed	Quentin Roland (@Croco_byte)
Site Takeover via SCCM’s AdminService API	NTLM SCCM Site Takeover	Undisclosed	Garrett Foster (@Garrfoster)
From One Vulnerability to Another: Outlook Patch Analysis Reveals Important Flaw in Windows API	Privilege Escalation NTLM	Microsoft (Outlook)	Ben Barnea (@Nachoskrnl)
Protected Users: you thought you were safe uh?	Active Directory Kerberos NTLM Internal Pentest	Microsoft (Windows)	Aurélien Chalot (@Defte_) Thomas SEIGNEURET (@_Zblurx)
Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability	Privilege Escalation NTLM	Microsoft (Outlook)	Dominic Chell (@Domchell)
LocalPotato - When Swapping The Context Leads You To SYSTEM	Windows NTLM Local Privilege Escalation	Microsoft	Andrea Pierini (@Decoder_it)

Page 1 of 1